A7 B7 五、發明説明( 發明背景 本發明係關於一般之電腦安全,特別係關於一種系統用 以粘測私腦機殼是否撬開。由於電腦係用以資料處理及管 理裝置,電腦常面對無授權接近之威脅,各種軟體方法係 已被應用於提供保護。密碼係限制僅知該密碼之使用者接 近,防火牆係另一種軟體機構以保護電腦遠離經由網路之 非法入侵。 該等軟體方法係提供少部份之實體防護,有些甚或不具 貝體防遵。故’若有人試圖從操作接近電腦,則軟體可提 供相當有效之保護,反之,若_未授權人士試圖實際打開電 月匈並將硬碟重新組接,則該等軟體則無法提供安全保護。 不幸地’僅有一些甚至根本無任何符合成本效益的方法 以防止電腦党到實質攻擊,任何組織中,多係個人電腦分 佈於各組織之設施中,因是任何人接近組織之設施,即可 接近電腦。 有一些方法係被提出用以偵知該電腦殼體實質上被打開 ’一旦偵知電腦打開的事件發生,即試圖將電腦關閉。在 此情況下’電腦之結構可讀寫記憶體即被清除,電腦之軟 體或執行程式則被設計用以防止對此種清空所產生之更進 —步之電腦操作。 習知技術之問題在於實際上已誤解威脅的範圍,因是, 根據所偵知威脅,提供訊息足以警示必須有時將電腦打開 <使用者。缺少實際之安全措施,則無有效之機構用以保 (請先閱讀背面之注意寒項再填寫本頁) 鬌衣‘ 訂 輕濟部中央榡準局另工消贽合作社印製A7 B7 V. Description of the invention (BACKGROUND OF THE INVENTION The present invention relates to general computer security, and in particular, to a system for measuring whether a private brain case is pry open. Since computers are used for data processing and management devices, computers often face The threat of unauthorized access, various software methods have been applied to provide protection. Passwords restrict access to users who only know the password, and firewalls are another software agency to protect computers from illegal intrusion through the network. These software methods It provides a small amount of physical protection, some of which are not even compliant. Therefore, 'if someone tries to approach the computer from operation, the software can provide quite effective protection. On the contrary, if an unauthorized person attempts to actually open the electricity and If you reassemble the hard disk, the software will not provide security protection. Unfortunately, there are only some or even no cost-effective methods to prevent computer attacks. In any organization, many personal computers are distributed among In the facilities of each organization, anyone can access the computer because they are close to the organization's facilities. It is proposed to detect that the computer casing is actually opened. 'Once the event that the computer is opened is detected, an attempt is made to shut down the computer. In this case, the structure of the computer is readable and writable, and the software of the computer or Executing programs are designed to prevent further computer operations resulting from this type of emptying. The problem with conventional technology is that the scope of the threat has actually been misunderstood because, based on the detected threat, providing information is sufficient to warn The computer must sometimes be turned on < the user. Without actual security measures, there is no effective mechanism to protect it (please read the note on the back before filling out this page). Printed by another consumer cooperative
----五、發明説明( 2 A7 B7 :ί機腦系統中之電腦資料。-旦機殼被打開之後,磁 容:#出’或與不同之電腦構成連接以存取 二如習知技術者至多僅可増加接近電腦資料者::: 度;、、、而對雷人困難 々注、、土 、恥而㊁必須記住防範清除電腦結構資祖 抖::^ ’或記住在打開機殼後如何重建該結構資料,,等 措施則造成相當的不方便。 邊寺 、,㈣知技術偵知機殼打開,相對打開機後後 = 不是停止該電腦之運作,取而代之的是於操作 ,電腦操作系統及/或網路監控系統被告知,結果 停步電腦運作的問題及困擾則爲之避免。甚者,會進一二 !出通知使安全人員可即時了解狀況,因是可使電腦㈣ 貝或組織依步驟包含任何與可能危及電腦安全之損壞發生 匕通知本身提供一些差異等級,因爲當訊號爲機殼安 全檢測系統所注意時,未授權之使用者將了解其存取資料 的動作係已被偵知。如申請專利範圍第一項,本發明係以 廣义的形成存在於系統之中,用以檢測電腦撬開狀況。 在此I較佳貫施例足特徵係在於電腦機殼撬開檢測系統 ,該系統包括一”開關”,係針對機殼被打開外露其電子硬 體而有所反應,以及輔助狀態元件,使用以依據”開關,,反 應而改變狀態,即使電腦係呈關機狀態。一報告程式運作 於硬體中,於該電腦操作時調查該輔助狀態元件之狀態, 藉以提供關於殼是否安全之通知。 於特定實施例中,該輔助狀態元件爲符合眞確之時間係 以電池所驅動,在其他的應用中,電容<件係可被採用以 -5- 本纸乐尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) (請先閱讀背面之注意事項再填寫本頁) 爾衣· 、11 經漪部中央標準局月工消費合作社印繁 A7 B7 經漭部中戎標準扃货工消费合作社印^ 479165 五、發明説明(3 “、、短時間内〈電力。較佳者係該輔助狀態元件具備一單 …己憶裝置,由該開關加以重置以減少電力之消耗。 -1一万面4施例中之額外之控制器係作爲該輔助狀態 凡件與電腦操作系統間之— p p裝置,用以檢測該輔助狀態 裝置之狀態以及重置該輔助狀態裝置。該元件可作爲來自 讀作系統之緩衝器以重置該輔助狀態元件,但僅在接收 預設碼之反應後。 、k之本1月各’特徵》括不同全新之細部結構以及零 件之組合,以及其他之優^將參照所附之圖示加以説明: :以被理解的是’本發明所示之各種實施方法及裝置,係 馬舉例説明之用,並非用以限制本發明。本發明之原理、 特徵亦可爲其他變化之實施例所採用,而不背離本發明之 範圍。 圖式之詳細説明 所附之圖式中,在各個不同視圖中相同之標示符號係標 注相同之物件。各圖式並非以相同比例繪製,說明本發明 之原理將被特別加以強調。各圖式如下: 圖1A及1B係圖示傳統及立式結構電腦機殼打開之狀況。 圖2 A及2B係圖示説明該用以檢測機殼基座移動之微動 開關位置。 圖3係爲一方塊圖,用以説明該機殼安全狀態檢剛系統 及該系統與電腦其他元件之關係。 圖4係爲一方塊圖,用以説明該機殼安全狀態檢測系統 與該操作系統間之軟體介面。 -6 本紙張尺度適用中國國家標準(CNS ) A4規格(2ι〇χ 297公釐) (請先閲讀背面之注意事項再填寫本頁)---- V. Description of the invention (2 A7 B7: Computer information in the computer brain system.-Once the case is opened, the magnetic capacity: # 出 'or a connection with a different computer to access the two as known Technologists can only access computer data at most :: Degrees; ,,,, and others who are difficult to make a note of ,, soil, shame, and must remember to prevent the erasure of computer structures: ^ 'or remember in How to rebuild the structural information after opening the case, and other measures cause considerable inconvenience. Bian Si, and Zhizhi Technology detect that the case is opened, and after opening the case, it is not to stop the operation of the computer, but to replace it with Operation, the computer operating system and / or network monitoring system was informed, as a result, the problems and troubles of the computer operation were avoided. In addition, one or two will be entered! The notification allows the security personnel to understand the situation in real time because it is possible Making the computer or organization step-by-step contain any damage that may endanger the security of the computer. The notification itself provides some level of differentiation, because when a signal is brought to the attention of the case security detection system, unauthorized users will understand its The action of accessing data has been detected. As the first item in the scope of patent application, the present invention exists in the system in a broad sense, and is used to detect the pry-off condition of the computer. It is better to implement the example here. It is characterized by the computer case prying open detection system. The system includes a "switch", which responds to the case being opened to expose its electronic hardware, and auxiliary state components. Use the "based on" switch to respond to changes. State, even if the computer is turned off. A reporting program operates in the hardware and investigates the status of the auxiliary status element when the computer is operating to provide notification as to whether the case is safe. In a particular embodiment, the auxiliary status element In order to meet the exact time, it is driven by the battery. In other applications, the capacitors can be used in accordance with the Chinese National Standard (CNS) A4 specification (210X 297 mm) in the -5- paper scale. ( (Please read the precautions on the back before filling this page) Eryi ·, 11 Printed by the Central Standards Bureau of the Ministry of Economic Affairs of the Moon Industry Consumer Cooperatives, India Fan A7 B7 Printed by the Ministry of Economic Affairs of the Zhongrong Standards Consumer Goods Industry Cooperative Society ^ 479 165 V. Description of the invention (3 ", short-term <power. The better is that the auxiliary state element has a single ... memory device, which is reset by the switch to reduce the power consumption. -110,000 face 4 The additional controller in the embodiment serves as a pp device between the auxiliary state device and the computer operating system to detect the state of the auxiliary state device and reset the auxiliary state device. The element can be used as a read system Buffer to reset the auxiliary state element, but only after receiving the response of the preset code. K's January features include different new detailed structures and combinations of parts, as well as other advantages. The attached diagram illustrates: "It is understood that the various implementation methods and devices shown in the present invention are used for illustration and are not intended to limit the present invention. The principles and features of the present invention can also be adopted in other modified embodiments without departing from the scope of the present invention. Detailed description of the drawings In the attached drawings, the same reference symbols in different views refer to the same objects. The drawings are not drawn to the same scale, and the principles of the present invention will be particularly emphasized. The drawings are as follows: Figs. 1A and 1B are diagrams showing the opening of a conventional and vertical structure computer case. Figures 2A and 2B are diagrams illustrating the position of the micro switch for detecting the movement of the chassis base. Fig. 3 is a block diagram for explaining the case security state detection system and the relationship between the system and other components of the computer. FIG. 4 is a block diagram for explaining a software interface between the case security state detection system and the operating system. -6 This paper size applies to Chinese National Standard (CNS) A4 (2ιχχ 297 mm) (Please read the precautions on the back before filling this page)
479165 A7 B7 五、發明説明(4 ) 〜 較佳實施例 < 詳細 圖1A及1B係分別表示傳統及立式結構電腦之機殼打開 之狀況。基座110,一般係以金屬板材所製成,係自框架 結構120移開,使電腦内部之電子硬體13〇外露。 圖2A及2B係分別表示該傳統及立式結構中電子硬體 130,各種元件係包含主機板132、硬碟機134、磁碟機 13 5以及子電路板之插槽丨3 6。於傳統或立式結構電腦中之 微開關1 5 0係檢測當該基座丨丨〇移動時,該電腦機殼是否 呈打開狀況。傳統結構中,該微開關15〇係貼靠於用以支 撐該硬碟機134及磁碟機135_之金屬框架内側部份;立式 結構中,該開關150係貼靠於自電腦頂部之前端延伸至其 後端之樑122。 ^ 微開關亦有可能係在其他位置。一般較佳者,該微開關 應被置於當機殼打開時,一無法爲手握持之封閉位置,但 當該基座1 10 —移動之後則可檢測機殼打開。 圖3係説明電腦< 一般之結構,以及該機殼狀態檢測安全 系統之應用。電腦中最常共用之元件包含微處理器叶、基 經M-部中央標準局巧工消費合作社印裂 --------衣— C請先閲讀背面之注意事項再填寫本頁) ,輸入/輸出系統BI0S、結構記憶體CM〇s以及即時計二 器RTC。電源供應器312提供該微處理器卟及輔助微控制 器 μ(:。 反制撬開電路ATC包括輔助狀態元件,—般以D型正反 器310爲佳》其清除终端c係連接於該開關15〇,其輪入 終端D、設定终端SET及電力終端vcc係連接於由電池B 提供之高階邏輯電壓,其係同時提供該結構記憶體cm〇s479165 A7 B7 V. Description of the Invention (4) ~ Preferred Embodiments < Details Figures 1A and 1B show the opening of the case of a conventional and vertical structure computer, respectively. The base 110 is generally made of a metal plate and is removed from the frame structure 120 to expose the electronic hardware 13 inside the computer. 2A and 2B show the electronic hardware 130 in the conventional and vertical structures, respectively, and various components include a motherboard 132, a hard disk drive 134, a magnetic disk drive 13 5 and a slot for a sub-circuit board 36. A micro switch 150 in a traditional or vertical structure computer detects whether the computer case is open when the base moves. In the traditional structure, the micro switch 15 is attached to the inner part of the metal frame used to support the hard disk drive 134 and the magnetic disk drive 135_; in the vertical structure, the switch 150 is attached to the top of the computer. The beam 122 extends from the front end to the rear end. ^ Microswitches may also be tied in other positions. It is generally preferred that the micro-switch should be placed in a closed position that cannot be held by the hand when the case is opened, but the case can be detected to be open after the base 1 10-moves. Figure 3 illustrates the general structure of a computer < and the application of the case condition detection security system. The most commonly used components in the computer include microprocessor leaves, printed by the M-Ministry of Central Standards Bureau, Qiao Gong Consumer Cooperative Co., Ltd. —---- Clothing — Please read the precautions on the back before filling this page) , Input / output system BIOS, structure memory CMOS and real-time meter RTC. The power supply 312 provides the microprocessor and the auxiliary microcontroller μ (:. The counter-opening circuit ATC includes auxiliary state components, generally a D-type flip-flop 310 is preferred.) Its clear terminal c is connected to the Switch 15〇, the turn-in terminal D, the setting terminal SET, and the power terminal vcc are connected to the high-order logic voltage provided by the battery B, which also provides the structure memory cm〇s
-I - i i - i 479165 經濟部中央標準局員工消費合作社印製 第87110163號專利申請案 中文說明書修正頁(89年3月) A7 —___B7_____ 五、發明説明(5 )丨, d ;;-Ί' η · * ! ; ι \ ] 及即時計時器RTC之電力,其計時終端CLK係連接於該 輔助微控制器μ(:,而其輸出Q BAR係連接於該辅助微控 制器μ(:讀取。 連接之後之D型正反器3 10係由該微控制器μ(:設定以 輸出一低階邏輯輸出Q BAR,倘若該微開關1 50係因該基 座1 1 〇之移動而致動(開路),則設定該D型正反器之輸出 Q BAR為高階邏輯,其係指示該機殼為打開及不安全之狀態。 為確保即使電腦不在操作狀況下,機殼打開亦可被檢 測,必須一直對該反撬開電路ATC提供電力,該電力係藉 由操作該輔助狀態元件以電池B對該即_計時器Rtc供 給,其結果係只要該電池B具有足供之電壓以致動該辅助 狀恐元件’遠系統將精確地記錄機殼之打開。當該系統因 该電池電壓不足而失去電力,或與電池形成斷路時,不安 全打開機殼情況’’將加以指示。 該ATC同時指示當該機殼被不當地重新設定情況,該β 型正反器3 10將不會重置當該蓋子係處於不安全之情況。 該反橇開電路ATC將持續顯示不安全機殼情況。此技術係 被用以確保該基座係適當地貼靠。 較佳及如此所述者,該輔助狀態元件3 1 〇係為僅單一上 兀(D型正反器儲存元件,此一特色係重要,因為該元= 在一些微放大器之控制下,具極低之電力消耗,此最小之 方法較適於利用較大、多位元存元件,甚至可提供更多2 貝訊,〈因為較大之元件 >且決不會消挺過多之電力,因此 使該即時計時器過早老化。根據在此兮 ,, 〜掏返,琢輔助狀 -8- 本紙張尺度適用中國國家標準((21〇>< 297公楚)------__ -Τ 1 - - 4 · (請先閲讀背面之注意事項再填寫本頁} ;裝· 訂 4 經濟部中央標準局妇工消費合作衽印¾ 479165 A7 ____ B7 五、發明説明(6 ) ~ 態元件僅係單一位元以減少電力消耗,且因是並不4告辦 曰只貝 衝擊該電池之操作使用週期。 另一關於最小應用之優點係其具有低成本,有關此—特 徵所增加之成本係D型正反器3丨〇及該開關1 5〇之成本, 當該微控制器係已準備執行其他之任務。 該反撬開電路ATC爲該電腦之微處理器μρ之操作系統 所間接控制爲隹,與該微控制器pc做爲緩衝器。在電操作 期間,該微控制器μ(:接收電力並清查該輔助狀態元件3 ^ 〇 之狀態,特別係該電腦首次裝設。當該電腦係停止,若哕 輔助狀態元件3 10已爲玆打開—之機殼開關15〇所清除,哕 控制洛μ(3由該基座安全線上之高階邏輯偵測不安全狀能 ’該資料可被傳送至該微處理器μΡ之操作系統,或藉由對 該微處理器μΡ啓動干擾程序,亦或僅通過該操作系當該微 控制器pC係被該微處理器μΡ清查中。 實施例中,該操作系統可重置該輔助狀態元件3 1〇,在 通過適當預定碼至微控制器μϋ以回復機殼11〇之安全狀 L。此—預定碼爲一密碼在適當作用後可由操作員輸入完 成此—特徵係相當重要,因爲其可預防授權使用者打開 "又’以自電腦内獲取資料,並可重置該狀態元件3丨〇經 由操作系統以防任何對電之未授權侵入。 圖4係方塊圖用以説明電腦之控制架構,該BIOS係爲基 本輻出/輸入系統用以控制硬體,於BIOS及操作系統之間 桌上型管理介面DMI經由該微控制器PC清查該輔助 、元件之狀態,並通知或回報該電腦操作員經由該操作 --*-— -- (請先閱讀背面之注意事項再填寫本頁)-I-ii-i 479165 Printed Chinese Manual for Patent Application No. 87110163 of the Central Consumers' Bureau of the Ministry of Economic Affairs, Amendment Sheet for Chinese Specification (March 89) A7 —___ B7_____ V. Description of Invention (5) 丨, d;; -Ί 'η · *!; ι \] and the power of the real-time timer RTC, its timing terminal CLK is connected to the auxiliary microcontroller μ (:, and its output Q BAR is connected to the auxiliary microcontroller μ (: read After the connection, the D-type flip-flop 3 10 is set by the microcontroller μ (: set to output a low-order logic output Q BAR, if the micro switch 1 50 is caused by the movement of the base 1 1 〇 (Open circuit), the output of the D-type flip-flop Q BAR is set to high-order logic, which indicates that the case is open and unsafe. To ensure that the case can be opened even when the computer is not in operation The test must always provide power to the anti-pry-open circuit ATC. The power is supplied to the _ timer Rtc by the battery B by operating the auxiliary state element. As a result, as long as the battery B has sufficient voltage to actuate The auxiliary-like fear element 'remote system will accurately remember The opening of the case. When the system loses power due to insufficient battery voltage or forms a disconnection with the battery, the case of unsafe opening of the case will be indicated. The ATC also indicates when the case is reset incorrectly The β-type flip-flop 3 10 will not be reset when the cover is in an unsafe condition. The anti-skid circuit ATC will continue to display the unsafe case. This technology is used to ensure the base system Appropriate abutment. Preferably and as described above, the auxiliary state element 3 1 0 is only a single upper (D-type flip-flop storage element, this feature is important because the element = in some micro amplifiers Under the control, it has extremely low power consumption. This smallest method is more suitable for using larger, multi-bit memory components, and can even provide more than 2 frames. <Because the larger components> will never be depleted. Excessive power, so that the instant timer is prematurely aging. According to this, ~ ~ Drawback, cut auxiliary shape -8- This paper size applies Chinese national standards ((21〇 > < 297 公 楚)- -----__ -Τ 1--4 · (Please read the Please fill in this page again for the matters needing attention}; Binding and ordering 4 Seal of cooperation between women and workers in the Central Standards Bureau of the Ministry of Economics 479 165 A7 ____ B7 V. Description of the invention (6) ~ The state components are only a single bit to reduce power consumption, and because It is not reported that the battery impacts the operating cycle of the battery. Another advantage of the smallest application is that it has low cost. The added cost of this feature is the D-type flip-flop 3 and the switch. The cost of 150 is when the microcontroller is ready to perform other tasks. The anti-open circuit ATC is controlled indirectly by the operating system of the microprocessor μρ of the computer, and the microcontroller pc acts as buffer. During electrical operation, the microcontroller μ (receives power and checks the status of the auxiliary state element 3 ^ 〇, especially the first installation of the computer. When the computer is stopped, if the auxiliary state element 3 10 has been Open—the case switch 15 is cleared, and the control is controlled. (3) The unsafe state is detected by the high-level logic on the safety line of the base. The data can be transferred to the operating system of the microprocessor μP, or borrowed. The interference program is started by the microprocessor μP, or the microcontroller pC is checked by the microprocessor μP only through the operating system. In an embodiment, the operating system can reset the auxiliary state element 3 1 〇, through the appropriate predetermined code to the microcontroller μϋ to restore the security status L of the case 11. This—the predetermined code is a password that can be entered by the operator after proper functioning—the feature is very important because it can prevent Authorized users open "quote" to obtain data from the computer and reset the status element 3 through the operating system to prevent any unauthorized access to electricity. Figure 4 is a block diagram to illustrate the computer's control architecture The BIOS is a basic spoke / input system for controlling hardware. The desktop management interface DMI between the BIOS and the operating system checks the status of the auxiliary and components through the microcontroller PC, and notifies or reports the computer operation. Through this operation-* ----(Please read the precautions on the back before filling this page)
、—HU • 1 - - - - 479165 A7 B7 五、發明説明(7 ) 系統0S或可能之安全人員經由電腦網路,藉此適當之步 驟可使於該未授權機殼打開時加以實施,一旦接收來該操 作系統0S適當之預定碼,該微控制器μ<:重設該元件310 至指示該機殼安全狀態。 另一實施例中,該D型正反器3 10係由電容提供電力, 該電容係由操作中之電腦加以充電,利用合理大小之電容 器,該D型正反器3 1 0可持續獲得電力達五小時以上,此 一結構具有無需加入該即時計時器電池之電池汲之優點。 其缺點則係當數小時後電容電力耗畫,則不論機殼是否打 開均會顯示不安全之狀況。 本發明係參照較佳實施例加以説明,但其可被了解的是 ,任何熟悉此項技藝者所作外型或細部之各種改變均不脱 離本發明之申請專利範圍所定之範圍及其精神。 (請先閱讀背面之注意事項再填寫本頁) 經濟部中央標準局爲工消费合作社印聚 本纸張尺度適用中國國家標準(CNS ) Α4規格(210X 297公釐)--HU • 1----479165 A7 B7 V. Description of the invention (7) The system 0S or possible security personnel via the computer network, through which appropriate steps can be implemented when the unauthorized enclosure is opened, once Receiving the appropriate predetermined code from the OS 0, the microcontroller μ <: resets the element 310 to indicate the safe state of the case. In another embodiment, the D-type flip-flop 3 10 is powered by a capacitor, and the capacitor is charged by a computer in operation. Using a capacitor of reasonable size, the D-type flip-flop 3 1 0 can continuously obtain power. For more than five hours, this structure has the advantage of not having to add the battery drain of the instant timer battery. The disadvantage is that when the power consumption of the capacitor is drawn after a few hours, it will show an unsafe condition whether the case is open or not. The present invention is described with reference to the preferred embodiments, but it can be understood that any change in appearance or details made by those skilled in the art will not depart from the scope and spirit of the scope of patent application of the present invention. (Please read the notes on the back before filling out this page) The Central Standards Bureau of the Ministry of Economic Affairs prints for the industrial and consumer cooperatives. The paper size is applicable to China National Standard (CNS) Α4 (210X 297 mm)